Matthew  H. Meade pittsburgh

Matthew H. Meade

Chair, Cybersecurity, Data Protection & Privacy


Matt Meade concentrates his practice in the area of data security providing advice to clients regarding data breaches, information and records management, and other areas concerning data security. Matt helps clients identify business risks associated with the use and storage of sensitive information. He regularly guides clients through security incident investigations, analysis, communications, and, if necessary, responding to regulatory inquiries and litigation. He advises clients on security breach notification laws and other U.S. state and federal data security requirements (including laws regarding disposal of records). Matt drafts agreements addressing issues related to data use, privacy, and security. He also prepares document retention and management policies and develops associated training programs.

Matt speaks and writes regularly on data security matters and serves on The Sedona Conference Working Group Series Leadership Council, after previously serving on the Steering Committee for Working Group II on Data Security and Privacy, through which lawyers, judges, policy makers, security experts, technologists, and business leaders work together to identify and develop principles and best practices to constructively resolve issues surrounding data security and privacy liability. Matt has served as a Co-Chair of the ABA’s First, Second, and Third Annual National Cybersecurity Institute (2016-2018).

Representative Matters

  • Advised numerous entitles, including healthcare providers, manufacturers, retailers, schools, financial services companies, county governments and collection agency on information security breach notification procedures and development of post breach corrective action plans.
  • Coordinated response to multi-state security breaches, ransomware, and hacking incidents with local and federal law enforcement, and United States Attorney.
  • Performed comprehensive review and subsequent revisions of all security policies for leading hospitality provider and then provided data security training to managers and executives on subjects covered in policies.
  • On behalf of a healthcare automation solutions provider, obtained dismissal of claims arising from the theft of an employee’s laptop computer containing protected health information, on grounds that court lacked subject matter jurisdiction because plaintiff failed to adequately allege injury-in-fact.
  • Conducted employee cyber training sessions in hospitality, education, healthcare, manufacturing, insurance, and financial sectors.
  • Organized, ran, and oversaw tabletop mock data breach scenarios for multiple organizations including universities, energy companies, banks, insurance companies, and healthcare organizations.
  • Developed cyber training for board of directors of community bank and manufacturing company.
  • Conducted comprehensive review of security implications of agent agreements for provider of homeowner’s insurance.
  • Prepared and reviewed company security policies including Written Information Security Programs, document management, and incident response plans.
  • Coordinated internal investigations of healthcare data breaches, subsequent patient notice, communication with the Department of Health & Human Services Office of Civil Rights (“OCR”) and development of corrective steps. OCR closed the case taking no further action and noting the voluntary compliance efforts of the entity.
  • Prepared and reviewed company policies including Written Information Security Programs, document management, social networking and incident response.
  • Conducted internal investigation of processes and procedures of professional sports league, including analysis of discipline by league of teams, coaches and players, and of document management policy.
  • Conducted an internal investigation of a large-scale data leak of personnel information at a Fortune 100 Corporation; interviewing relevant employees and preparing a report and recommendations for the Executive Board.
  • Advised clients on proper security measures in connection with employee and customer personal information.

Professional Affiliations

  • Pennsylvania Bar Association
  • New York Bar Association
  • American Bar Association National Institute on Cybersecurity, Co-Chair
  • The Sedona Conference Working Group Series Leadership Council, Member
  • The Sedona Conference Working Group 11 on Data Security and Privacy Liability
    • Leader of Model Data Breach Notification Law Brainstorming Group
    • Former Steering Committee Member
  • Carnegie Mellon University CISO-Executive Program, Faculty Member

Community Involvement

  • Children’s Museum of Pittsburgh, Board Member
  • Chuck Cooper Foundation, Vice President and Board Member
  • Yale Day of Service, Co-Chair

News Releases:

Eckert Seamans’ Matthew Meade named to lead group charged with drafting new model data breach notification law

Awards and Recognition:

  • Selected for inclusion in The Best Lawyers in America – Privacy and Data Security Law (2017 – 2024) and Commercial Litigation (2015 – 2021, 2023-2024)

News and Insights


Media Coverage

News Releases

Speaking Engagements

  • “Cybersecurity: Data Security and You,” presented during the County Commissioners Association of Pennsylvania (CCAP) Insurance Programs’ Defense Counsel Meeting, October 2023.
  • Preparing for the inevitable: Cyber Security Issues Surrounding Responding to Ransomware Attacks,” presented at the Eckert Seamans’ Joel Lennen Legal Primer, August 2023.
  • “The Sedona Conference Commentary on Proposed Model Data Breach Notification Law,” webinar moderator, July 2023.
  • “Breach Coach: Working with Outside Counsel,” presented at the Data Breaches: A Primer for County Attorneys program co-sponsored by Minnesota Counties Intergovernmental Trust and Minnesota County Attorneys Association, March 2023. 
  • “Preparing for the Inevitable: A Practical Guide to Cyber Incident Response,” presented to the Idaho Association of Counties 2022 Annual Conference in Downtown Boise, September 2022. 
  • “The GDPR in Higher Education,” webinar presentation with the National Cyber Forensics & Training Alliance to colleges and universities across the Commonwealth of Pennsylvania, December 2021. 
  • “Is Cyber Insurance Coverage Holding Local Government Ransom?” panel presenter to the National Association of Counties, October 2021. 
  • “Legal Issues Associated with Responding to and Remediating a Cyber Attack,” also presented “Interactive Cyber Incident Exercises” for  the County Commissioners Association of Pennsylvania program, KEYS: The Anatomy of a Cyber Claim, May 2021. 
  • Practice Makes Perfect: A Proactive Approach to Cybersecurity,” presenter, Eckert Seamans’ Legal Primer Series (Part 1), April 14, 2021. (recording)
  • “Executive Roundtable on Regulations and Privacy,” panelist, Converge20, October 2020.
  • “Model data breach notification law,” panelist, The Sedona Conference Working Group 11 Midyear Meeting 2020, September 2020.
  • “Privacy Update,” Pennsylvania Bar Institute Cyberlaw Update 2020, September 2020.
  • “Anatomy of a Data Breach,” panelist, TextIQ’s The Inevitable 2020 webinar series, September 2020.
  • “Data Breach Scenario Panel” Moderator and panel presenter at the 2019 Cyber Law and Privacy Symposium, Hosted by Carnegie Mellon University, May 2019. 
  • News You Can Use:  A review of recent judicial, legislative, and regulatory developments of significance to employers,” co-presented at Eckert Seamans’ Human Resources Forum, April 2019.
  • “The Net without Neutrality: Economic, Regulatory, and Informational Access Impacts,” co-presenter, University of Pittsburgh Law Review 80th Publishing Anniversary Symposium, March 2019. 
  • Cybersecurity: An Analysis of the Legal Landscape and Best Practices,” presenter, Eckert Seamans’ Continuing Legal Education Seminar, August 2018.
  • “Interactive Breach Scenarios,” presented at the NetDiligence Cyber Risk Summit, June 2018.
  • “Practice Makes Perfect: A Proactive Approach to Cybersecurity in an Interconnected Hotel Industry” presented at the Hotel & Lodging Legal Summit at Georgetown University Law Center, October 2017.
  • “Cybersecurity: There ARE Things Lawyers Can and Should Do,” CLE presentation, October 2017.
  • “You’ve Got Hacked: How to protect yourself against campaign data security dangers and liabilities,” panel presentation at the American Association of Political Consultants’ 2017 Annual Pollie Awards & Conference, March 2017.